SoheilKhodayari / TheThingLinks
TheThing: an open-source tool to detect DOM Clobbering vulnerabilities
☆49Updated last year
Alternatives and similar repositories for TheThing
Users that are interested in TheThing are comparing it to the libraries listed below
Sorting:
- Same Origin XSS challenge☆61Updated 3 years ago
- DOM Clobbering Wiki, Browser Testing, and Payload Generation☆51Updated last month
- Searcher for cross-site leaks (XS-Leaks)☆82Updated 2 years ago
- Guided Differential Fuzzing for HTTP Request Parsing Discrepancies☆17Updated last year
- Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js☆65Updated last year
- Client-Side Prototype Pollution Tools☆84Updated 3 years ago
- Proof of Concepts for unsafe deserialization in Ruby☆16Updated 7 months ago
- Awesome MXSS ??☆50Updated 8 months ago
- JAW: A Graph-based Security Analysis Framework for Client-side JavaScript☆107Updated 5 months ago
- lightyear is a tool to dump files in tedious (blind) conditions using PHP filters☆90Updated 7 months ago
- ☆18Updated 2 months ago
- Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.☆60Updated last year
- XS-Leak Browser Test Suite☆81Updated last year
- Unsafe Unpacking Vulnerability: Lab Code, Semgrep Rules and Secure Implementation Guide☆41Updated 5 months ago
- This repository is a one-stop shop for diving deep into the fascinating world of mXSS (mutations caused by browser quirks in HTML parsing…☆22Updated 3 months ago
- CTF writeups☆30Updated 3 years ago
- Prototype Pollution exploits collection☆34Updated 3 years ago
- ☆94Updated 3 years ago
- List of Trusted Types bypasses☆93Updated last year
- tetctf2020_amf_writeups☆23Updated 4 years ago
- A web server designed to shut off on command to exploit DNS rebinding in Chromium-based browsers☆12Updated last year
- Utility for creating ZipSlip archives☆72Updated 2 years ago
- Chrome extension to detect possible xsleaks☆12Updated 6 years ago
- Demo of the URLClassLoader JAR-swapping showing the ability to replace and exploit an already loaded JAR with inner classes☆31Updated 2 years ago
- This repository is an interactive collection of my solutions to various XSS challenges.☆12Updated 4 years ago
- jws2pubkey tool☆38Updated 11 months ago
- Encode and Fuzz Custom Protobuf Messages in Burp Suite☆32Updated 3 months ago
- ☆72Updated 3 years ago
- Blog about HTTP Request Smuggling, including a demo application.☆27Updated 3 years ago
- ☆56Updated 3 years ago